ISCAlert has been activated (that blinking globe thing) to warn people about
MS05-039 related activity that may go critical over the weekend. Three
seperate exploits for the UPnP issue have been released over the last 24 hours.
Please patch your systems if you haven't already. Thank you.

Gee, George, why do I care? Well, Tommy, there are wonderful things waiting just around the corner...let me show you.

From "Introduction to Windows Peer-to-Peer Networking":

"P2P PNRP uses multiple clouds, in which a cloud is a grouping of computers that use addresses of a specific scope. A scope is an area of the network over which the address is unique. PNRP clouds are based on the address scopes for IPv6 addresses."

Now, to test the scalability of some new PNRP features, Microsoft has decided to turn on prnpauto, or PNRP Auto Registration, by default in Vista beta. Boot up your shiny new Vista and a PNRP name gets generated & out goes the registration. Now come the name resolvers a-knockin'. Bingo! Instant anomaly IDS test!

If you aren't all too happy with this arrangement, feel free to kill it off using the Task Manager or "net stop pnrpauto". My advise is to do this before ever putting the box on the wire. Otherwise, it may take some time for the cloud to realize that you aren't playing anymore and the traffic will continue.

Many thanks to Noah Horton for helping the ISC get a handle on what was going on. He also made a blog entry discussing this a bit further at: http://blogs.msdn.com/noahh/